From patchwork Sat Jul 1 07:34:37 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Ritesh Harjani (IBM)" X-Patchwork-Id: 13298986 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3B9B1EB64DC for ; Sat, 1 Jul 2023 07:36:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229585AbjGAHf7 (ORCPT ); Sat, 1 Jul 2023 03:35:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:32780 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229688AbjGAHfg (ORCPT ); Sat, 1 Jul 2023 03:35:36 -0400 Received: from mail-pf1-x432.google.com (mail-pf1-x432.google.com [IPv6:2607:f8b0:4864:20::432]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 84175E46; Sat, 1 Jul 2023 00:35:35 -0700 (PDT) Received: by mail-pf1-x432.google.com with SMTP id d2e1a72fcca58-666ecf9a081so2063797b3a.2; Sat, 01 Jul 2023 00:35:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1688196934; x=1690788934; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=WZ/jQNKid21qXJou8CnoLfrwuQ5vopNmAWZzAmROpvo=; b=g1cnZGQHwHY4j5KqSn3DnVK6viYRmvBT8dDWQEStnmyYo0zrWwBOBgDAKfzjQ3O00e ia0xhnaXagXyWT+ExNhYx8B9R4Yg7/roQkvvse8PFvuPC2k2Zh8HRKQl/X9f035YdvK3 EhrcA61QPKcSDd8l1k2joX528ZdnUFlES/F5+KYNZceB75QKvQhZKax6v56YSxzVwd+X x0/PgC8rIkV0kftn0Uhag7cdxdO6eB/GXcGSWrjQRWBLdd6MCHVXXJILXJOiQKYwJyUL 8O6yxXwLYIVDHcKDUoab3Q824p7RWhP0kJsWcnJp5V6oYJSJp3mnuPJH5ga0z3xNCbt/ eoBQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1688196934; x=1690788934; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=WZ/jQNKid21qXJou8CnoLfrwuQ5vopNmAWZzAmROpvo=; b=bKOSFAOZ/XzqpRiXo9kBlBEx7Po5UStbCjdPUKy1tv7G7qBx95G8CENF5xl0E1SXvq ABc05lBRaLBm3igCvRwHNy6Q0WASs6Y5zrV6ZJT51tMlT9YpBr081qHJYHGgNmyLMmnm p6sWKcenbiKUIcYVTd/zsbkPeBeKT+WeFc9pcYMtVwj0DCmLlJUhjG+ow2TxtY8vHmD5 fESZfxxkyF0Lt876CZgvxOAhlcuHzkyj1NZIF5kp4UBG414gqysim+bZIutVVha8U7Yq pf/kKo1GSBLgz7fMIN62sHSEkW09Z2L2G7J1s9yO6YMhxzq/YTijRUwqF1ZVmCrAwr0t 6sxw== X-Gm-Message-State: ABy/qLbdXp87bqNiiEdwJaXXzaj1TchhZnUf5o22qhZar8416mXw6yXz EoU+k14CeAi8g2VRr4HC9lc1tt0YNAc= X-Google-Smtp-Source: APBJJlHv0wtr72ZPUzmgnzwvqNQjWmc+9jhDBZ6z+VKpMVHtjQGh+HFxjKQ7X5P9DC+9+dmPKBrBOQ== X-Received: by 2002:a05:6a00:9a8:b0:677:cda3:2222 with SMTP id u40-20020a056a0009a800b00677cda32222mr6554696pfg.14.1688196934433; Sat, 01 Jul 2023 00:35:34 -0700 (PDT) Received: from dw-tp.localdomain ([49.207.232.207]) by smtp.gmail.com with ESMTPSA id h14-20020aa786ce000000b0063aa1763146sm8603414pfo.17.2023.07.01.00.35.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 01 Jul 2023 00:35:33 -0700 (PDT) From: "Ritesh Harjani (IBM)" To: linux-xfs@vger.kernel.org Cc: linux-fsdevel@vger.kernel.org, "Darrick J . Wong" , Matthew Wilcox , Christoph Hellwig , Brian Foster , Andreas Gruenbacher , "Ritesh Harjani (IBM)" Subject: [PATCHv11 4/8] iomap: Fix possible overflow condition in iomap_write_delalloc_scan Date: Sat, 1 Jul 2023 13:04:37 +0530 Message-Id: X-Mailer: git-send-email 2.40.1 In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org folio_next_index() returns an unsigned long value which left shifted by PAGE_SHIFT could possibly cause an overflow on 32-bit system. Instead use folio_pos(folio) + folio_size(folio), which does this correctly. Suggested-by: Matthew Wilcox Signed-off-by: Ritesh Harjani (IBM) Reviewed-by: Darrick J. Wong --- fs/iomap/buffered-io.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- 2.40.1 diff --git a/fs/iomap/buffered-io.c b/fs/iomap/buffered-io.c index e45368e91eca..cddf01b96d8a 100644 --- a/fs/iomap/buffered-io.c +++ b/fs/iomap/buffered-io.c @@ -933,7 +933,7 @@ static int iomap_write_delalloc_scan(struct inode *inode, * the end of this data range, not the end of the folio. */ *punch_start_byte = min_t(loff_t, end_byte, - folio_next_index(folio) << PAGE_SHIFT); + folio_pos(folio) + folio_size(folio)); } /* move offset to start of next folio in range */